Overview

overview

7

Static

static

3

Badlion Cl....1.exe

windows7-x64

4

Badlion Cl....1.exe

windows10-2004-x64

4

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDIR/app-64.7z

windows7-x64

3

$PLUGINSDIR/app-64.7z

windows10-2004-x64

7

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

VMProtectSDK32.dll

windows7-x64

1

VMProtectSDK32.dll

windows10-2004-x64

3

VMProtectSDK64.dll

windows7-x64

1

VMProtectSDK64.dll

windows10-2004-x64

1

api-ms-win...-0.dll

windows10-2004-x64

1

api-ms-win...-0.dll

windows10-2004-x64

1

api-ms-win...-0.dll

windows10-2004-x64

1

api-ms-win...-0.dll

windows10-2004-x64

1

api-ms-win...-0.dll

windows10-2004-x64

1

concrt140.dll

windows7-x64

1

concrt140.dll

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

discord-rpc.dll

windows7-x64

1

discord-rpc.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2024, 21:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    27206d29e7a2d80ee16f7f02ee89fb0f

  • SHA1

    3cf857751158907166f87ed03f74b40621e883ef

  • SHA256

    2282bc8fe1798971d5726d2138eda308244fa713f0061534b8d9fbe9453d59ab

  • SHA512

    390c490f7ff6337ee701bd7fc866354ef1b821d490c54648459c382ba63c1e8c92229e1b089a3bd0b701042b7fa9c6d2431079fd263e2d6754523fce200840e2

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZO:sFEc5FeWSPZza8yUMmfSHCHWJ4pps

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3012

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          67KB

          MD5

          753df6889fd7410a2e9fe333da83a429

          SHA1

          3c425f16e8267186061dd48ac1c77c122962456e

          SHA256

          b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

          SHA512

          9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fe30ffb7d681f2c165d86840fc80aaaf

          SHA1

          c658ca8240f92593a5d1ae6ca65c037b33f7a62a

          SHA256

          8d9ad6c9944b4ab1e7705e3dfb00a3a941c57cf25c78767a108498b72ce84c0a

          SHA512

          dfcdc4eb344f82b8a392a8aeb74bfcd9ee5a6d41cc8712d5250d0e581bdd8e98228b5fa9e70df33fd7ecb6defc742f7ce4f34c4dcac19be88ec6a09062ba1e4f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d4cbdd10c7559d04a21f8091931ef2cc

          SHA1

          84a891e70445b71a29bff930128ad1edb9bce80f

          SHA256

          79912fd7ba23a74470e3dcdca7689cd58759893dbd87a8e0fbdd8b3aef1e39a9

          SHA512

          325772b71ab6561926376ac2a4603593e241cfa064831163840ad652efff678b0a259601cc8e606908a47818e6b64d98b14a4af6b05808a0e2b0b3fa95145d15

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4f3fd643a2f87ef6b7ba3bd4b273f5c9

          SHA1

          aeb2cfe17b813c2a83a3dddef237ac7e1c80fccc

          SHA256

          89122a1a86dcbca104997969108655464c33f0a9be3e15394d4feffacc7f1534

          SHA512

          c02b3adda2fcc0e8a48554049a9ab56ecfcdf55bdc55fbc791a3d06c283f3a2724975e9d1c572084f08395f067a6a00a606c2d92622a616a526bbb929e72ff2d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c34c3010f38c2fb7a2f8f6bfefa2a9cd

          SHA1

          980f6c533cc7f586d95a5f995bfcb701329d4e6a

          SHA256

          8d655321493e91089343557a4ec17c610b7a03eee4f81515c69f336ff3063aed

          SHA512

          996806150e5b3d3b7dc3c64f02ee4a8fdf585bdebc6df0f316aa4d7154ee4310abef9261060932b008bb989d628544f063b8f01f85fa6d14319f43873d5ba79f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2cafa3883f700c9599bb2e32f81ff31a

          SHA1

          e4759562572702d06acafb8d5d23243dac2db1ca

          SHA256

          173d195f441f11875f7e0e779b2757edc001d711b77e61595d0f84d727478d41

          SHA512

          bc8abf7ec24dad03ad2958307603b5dd0b4421f3d517867bf9b152b075394ba93b5fc60257df942996ecb71ea90a9c62c0f569e983e33e06669c913a66db7ad8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bc6f3a215820e1cfb6cde2f8fa6c40dc

          SHA1

          8d8476549808bca2c018ae237c6202aff080fd02

          SHA256

          68abec45326b105870b8842cfe525265720ad705fdb83c0f71869cff529bf444

          SHA512

          c112efadab281ff8af544adca0463c546bb7ea3bdc3757ed88778d74c634887b3a0702919f40d68e5512afaa3114019fdea7e20e40fee5ac0ccd5e52f283e261

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d614b73b3a09573d61b9c34f08da29d6

          SHA1

          e2d0ab098755886f17de388ac136a1a8c4e01f25

          SHA256

          f114eb2ec11ec017a2c0ad0995ea67384174745c989f4cbee689440981c00089

          SHA512

          24b7488f2c2121efba3a5af6ce0c988682e2f905c89c1ad87975702055a80564fe124962fc5aa7664187601fbe3c57a2af4dcbb32481c0939350d50820bdad13

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          34dc0025cfcd2cbf458ccab31ccfbfad

          SHA1

          3b7d43e6629b5006b9401e92b75aac0265b945da

          SHA256

          57d7282704e67344c1a328a9d49d56f4b397487a5e84e6320fb5071b17090738

          SHA512

          6ad88d5d90c07e9a49297b5cfeec0f10e253aecad45ed3ad46825bf223fb7966cb8ddaabf71b0c3ab29cc6a6b6a90f59b88ea51d3184d12aa6da97eb9b0d4987

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3e0213276a1d2de8568d66f67370b520

          SHA1

          73fb4ca3f1568bae4890d734ac017dff5f012820

          SHA256

          0b6cabea66dbbb98e1c32ab80837002c5576a01956d55a387eeadb4f7110b5d3

          SHA512

          ca74d540f3fa810263e29cc6c206050e7ffe064ca7b2f78b33990809ccc9fa2a16d8b45bcb7954a514822e3584bfedf02ec3741f8609168f3addd4690630fca1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e7c4b7853ca4904b6bf16d3e5bc7affc

          SHA1

          3d354bc7070eeaab5f735ead7022693d64a43e56

          SHA256

          341c1851dc3f3d0ef40650685d3b1403db081c8a0a964e8527244e22658742de

          SHA512

          a8d42ee8a3aa7dc1a9e50dde23d42e45794151dbe8d95ee263f5aced3835d82e2000139631d330a29d83d3df5b91fffc6fe16d87ce8b0794339cbbfcfc9cf240

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          564844110636be0b7eac5624d6a0f1cd

          SHA1

          15dfa2a854289f054d2a9e538ec1f60c57c77ffb

          SHA256

          931968b03995bc8e31e6a06bc7daa89b09e8e077b6e09a39304943b1d0675869

          SHA512

          68b85e522f7933fec0f89d287a260180b4222c5bf31c42400a7a920282261dedb7113eaa6cf410080841f0023a544ada7beaaeb0f4d0ca50ca09d0c6d6b76d83

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6e44c168d4efc2a6f83987b08e630193

          SHA1

          dd18ff77dcad06b61ef94ec68d18e1d23b9ef5b6

          SHA256

          240617ea978c54c5d24fb6d08dc73b71667c485fe0a32257ce765c8608e12dd6

          SHA512

          c5da1436954e10fda57ac85742fd251fb22bc65056894e68aba6a894c211c7cc79d12bc3878f11d37c06727123a81b337f583a2d2f26c9107cb3e87490bc83d6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e165970a75b6db00f6e242d4528bf367

          SHA1

          dd19888da53cda3f680ef168cf663cdaa6aba128

          SHA256

          0f245c91e760faf84361d54bf74e4e655220939371cb02bcd943590af2a1031f

          SHA512

          71959f206c5983e3e873678e09a055538ba408e7e24e5f4e7940eb5f26b0d49d9297c5a2ae23251e975d9ab90928e044b5e11f60e7408b287c688b325a3ae0d2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d1adc1e101bc0aa188f254c777312ceb

          SHA1

          33579aeb0cc153d8bcbd6d83d74cdaced25718fd

          SHA256

          a8e7d6d57981831d5d24cb06aaf5b9c47fec6320b31935892a62a02afe4693a6

          SHA512

          289f89b2119ec2d29d110bab39f8c989ef0bd3650128fc12cd66c27c4f15052fecc97b01d769b39bb3ef6bb4da205d5aa0af3b4a4f3f6e24512119c095671e03

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ac4f33aa98782c7dc0f817f9964dcc2c

          SHA1

          11d682ac51e8bf6efcf5e9fd6ffccea89292d388

          SHA256

          6887ae9a7902d8a3cb0424e563d9f72c4689114c151f53606a6de4686e757260

          SHA512

          392ce71c0895049fa5df82d5adacfed784bc5adb2a55809be578abfe0dc41d8ef3fcc4fc1eb2112e2111a10360c0f98c9182302c9482db87c4d1e53675f7e922

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          17efa0d5b6fa9e3e98e47a3f6fbc39a9

          SHA1

          c443ce39f76f0a039f335a3b2f19e8b33b902734

          SHA256

          79e5d0281b10f42804dce82dd7b48d95144fe25f304ebef0e490f924e3a10699

          SHA512

          f1372222690c6065faeb6bfbbd55886881e6d206885597cd327f9d0fd5740aa38d9f887685bb2eef88c58db5bf8d32aa2f08cd2f70ace13e21b7942238be77c5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3f3e3825ddb8b79e612a301a5a1ce157

          SHA1

          174a24ca00c07977677df7ce598debdbaf1f2e6a

          SHA256

          2dec0607a6c44548e04927382823730e26e55fadc4e080b0699f39d2eb1d90f7

          SHA512

          fdefd9e1ea20e1666ba015cb1de2a1cf5f58e3dce573fdb8ac8d193519eb632b94ade5b980acd958eff74d688d3d1e278327fa0cbc6ac3ec7369e016c18cedf7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          323db8b3c073082fc4b96191bb8c0b58

          SHA1

          0c8ccc634be7a629a0cf406987df6c3c5a62dccd

          SHA256

          56f8c77809b1800828570e67cb32ac6dc75fc8aa23b19a5c4f4b30ceae364d31

          SHA512

          76509977aeb8d07a2ab60cc55a13af7faa6a3479a2b1d05514fd717eef778365d38b069cc22283009752026ee1d715adbc7a2dc6d1b855bfef3fde554f9a1573

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab4AC8.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar4CA4.tmp
          Filesize

          175KB

          MD5

          dd73cead4b93366cf3465c8cd32e2796

          SHA1

          74546226dfe9ceb8184651e920d1dbfb432b314e

          SHA256

          a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

          SHA512

          ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

          Download Submit